diff --git a/crates/erp-auth/src/middleware/jwt_auth.rs b/crates/erp-auth/src/middleware/jwt_auth.rs
index a16f409..4ba2088 100644
--- a/crates/erp-auth/src/middleware/jwt_auth.rs
+++ b/crates/erp-auth/src/middleware/jwt_auth.rs
@@ -61,10 +61,12 @@ fn is_token_revoked(token: &str, _exp: i64) -> bool {
 }
 
 fn token_hash(token: &str) -> String {
-    use std::hash::{Hash, Hasher};
-    let mut hasher = std::collections::hash_map::DefaultHasher::new();
-    token.hash(&mut hasher);
-    format!("{:016x}", hasher.finish())
+    use sha2::{Digest, Sha256};
+    let mut hasher = Sha256::new();
+    hasher.update(token.as_bytes());
+    format!("{:016x}", u64::from_be_bytes(
+        hasher.finalize().as_slice()[0..8].try_into().unwrap_or([0u8; 8])
+    ))
 }
 
 /// JWT authentication middleware function.